One mechanism for sharing information, such as images, between users is a peer-to-peer (P2P) network. In conventional P2P networks, each conventional computer system, or peer, in the network can act as a server for other peers in the network. For example, photosharing applications allow each peer in the P2P network to act as a server to share pictures with others in the network without the users having to upload their pictures to a Web site. One example of such a P2P application is Photo Vibe 1.2 by XFonnx, Inc. of Needham, Mass.
In order to facilitate sharing of information, a conventional peer is separated into two portions: a public portion and a protected portion. The public portion includes materials that guests can view copy or otherwise manipulate. Thus, a user of a first peer can be a guest on a second peer. As a guest, the user can view, copy, or similarly manipulate material accessible to the guest on the second peer. For example, photos which a user of the peer wishes to share with others are accessible through the public portion of the peer. The protected portion is accessible only by authorized users, not to guests. For example, a username and/or password may be required to authenticate a user and allow the user access to the protected portion. The authorized user is typically the owner or user of the peer. Using the protected portion, the authorized user of the peer can perform operations that are unavailable to guests. For example, using the protected portion, the authorized user can alter images, including images that are publicly accessible or otherwise configure the guest portion of the peer, as well as altering the images that are available to guests.
Although the conventional P2P function, one of ordinary skill in the art will readily recognize that it is desirable for an authorized user to securely access the peer. Stated differently, it would be desirable for users, particularly peer owners, to be able to access protected portions of the peer from a remote computer system, for example through the Internet. One conventional method for doing so utilizes secure certificates. In such a conventional method, the authorized user would obtain a secure certificate from a trusted certificate authority. Using the secure certificate, the authorized user can remotely access the peer, including protected portions of the peer. However, one of ordinary skill in the art will readily recognize that secure certificates are expensive. Typically, each certificate costs at least one hundred dollars. Such a high cost is undesirable. Furthermore, if each peer owner in the P2P network is given secure remote access to their peer, secure certificates for each peer may need to be managed. Managing such a large number of certificates may also require a significant overhead, which is also undesirable.
Another conventional method for allowing for remote, secure access to peers includes using Kerberos based systems. A Kerberos system is designed to allow a user to be authenticated once, then have access to multiple systems having different types. However, one of ordinary skill in the art will readily recognize that Kerberos systems are notoriously complicated. Furthermore, Kerberos systems are designed to address a different issue. Consequently, Kerberos systems are not tailored to allow many individual users to each be able to securely and remotely access particular peer(s).
Accordingly, what is needed is an improved method for remotely and securely accessing a peer. The present invention addresses such a need.